The design of security protocols is typically approached as an art, rather than a science, and often with disastrous consequences. But this need not be so! I have been working for ca. 20 years on foundations, methods, and tools, both for developing protocols that are correct by construction and for the post-hoc verification of existing designs. In this talk I will introduce my work in this area and describe my experience analyzing, improving, and contributing to different industry standards, both existing and upcoming.
David Basin has been a full professor in the Department of Computer Science at ETH Zurich since 2003, where he heads the Information Security Group. He is also department head. He received his bachelor’s degree in mathematics from Reed College in 1984, his Ph.D. from Cornell University in 1989, and his Habilitation from the University of Saarbrücken in 1996. His appointments include a postdoctoral research position at the University of Edinburgh (1990-1991), after which he led a subgroup within the programming logics research group at the Max-Planck-Institut für Informatik (1992-1997). From 1997 to 2002 he was a full professor at the University of Freiburg, where he held the chair for software engineering. His research focuses on Information Security, in particular on foundations, methods, and tools for modeling, building, and validating secure and reliable systems. He is Editor-in-Chief of the ACM Transactions on Privacy and Security and of Springer-Verlag’s book series on Information Security and Cryptography. He is also the founding director of ZISC, the Zurich Information Security Center, which he led from 2003 to 2011. He was named Fellow of the ACM in 2018 for his contributions to Information Security and Formal Methods.